Tag Archive for viruses

Sorry, Apple People, You’re Just Not That Popular

I know, you think I’m less than smart, but let me assure you, I have some idea what I’m talking about. I began as a wildly satisfied Apple ][+ user many decades ago. While others bought “inferior” computers that hit the market, from PET, Commodore, Atari and TRS-80…well, Atari was the bomb for gaming….I was forging ahead. I moved to the Mac line with a 512K, then an SE, a Mac II, then a IIcx. I learned how to make a computer work for humans because of Apple.

However, here’s the reality. Macs aren’t that popular. I support this by playing into the meme that Macs don’t get viruses, ergo, they are superior platforms. Nope, you have that wrong, but there is the genius of not only Apple, but the evangelized Apple faithful that have somehow missed the point of their lack of bad programmings disrupting their lives at the worst moment, as PC users have come to know and still not love.

Here’s the truth staring you in the face, Apple fanatics: You’re not popular with the people who create viruses, and therefore, you don’t get them. It’s not that your computer is in this uber operating system world, impenetrable by mere mortals out to steal credit card and bank account numbers. I know, in just about every single movie where the earth is saved from alines of environmental disaster, Apples are prominently displayed and used in the crucial scenes. I also know some of you believe that to be the real case.

What’s really up is this: The MacOS is built on top of UNIX, which is very secure, but the face that, depending on the link, the Apple market is about 10-12% and therefore, the effort to infect them is not worth the ROI, on one analysis point. Take the next step: How many Macs are used to manage and handle credit card databases, and large customer files? Pretty much none. Besides taking quite a bit of effort to learn the system inside and out, even if they could find ways in through security flaws, they would most likely find intellectual property, but not something they could make money on, like entire user profiles of banking/financial services, a key set of data for identity theft.

Consider, from a business owner’s view point: If you could set up to serve 87-90% of the market for the same effort to serve 10-13%, with the return per customer the same, which direction would you head? There will be a minnow out there (thank you, Scott Weber!) who gets this answer wrong and insists loudly they are correct, but you all know the right answer to remain viable in the market. That’s why you’re also not infected. Far more ROI in spending your energy developing and working the PC market and the associated Windows based server farms. Not to mention, Apple made a run at the server world and built a very cool piece of technology, but like Beta tape, the public went for the lesser versions in the PC based systems using LINUX and Windows.

That all being said, there are those, because the Apple market share is growing no doubt, who are taking up the challenge to infect the Apple Faithful. You’ve been spared due to not being attractive (I’m not talking the aesthetics of the device design, but the ugly fact that Apples aren’t used to conduct serious financial business). That’s my tough love for you. Some are coming after you and the good news is you can now enjoy virus and malware protection as we PC users do.

Now let me, after turning your meme upside down, drop it on (your) its head: If the MacOS doesn’t get viruses, as some smuggly post to Facebook, why, pray tell, would giant anti-virus companies have software on the market to provide anti-virus for the MacOS that doens’t get viruses? Oh, yeah, it would be a very silly and costly idea to serve a market that has no need, right? Software costs money and then, as any product has to return some what of a profit, or it will be dropped from the company offerings for failing to add to the bottom line.

Check this Dogpile search out: Looks like Symantec, ESET, Norton and Webroot, Avast, AVG just to name a few “small” companies trying to sell something “real” Mac users don’t need.

I’m hoping this dose of reality spurs the Apple faithful to break down and admit they have been a tool in the greater Mac propaganda machine, but then get online and download an appropriate software package to protect themselves. Speaking as a complete PC/Windows user for all my own (too) many computers, it’s a pain to get them, I have two layers of anti-malware/virus on all my systems, just to practice as much safe computing as possible. I encourage you Mac types to do the same. I see the helplessness in people’s eyes all the time, when they have contracted such an infection. Trust me, you don’t want to feel that way, let alone missing your working hours while I or your Mac tech (who should have already advised you to get software – if they haven’t, send them this link so they can be better providers for their customer base) conduct the technical exorcism rites.

If you need help in getting protected, contact me and let’s get you into the real world you actually live in.

Malware and Virus attacks get more “life-like”

I spent a few hours pulling a serious malware infection, actually a set of 8 different ones, off a client’s main system yesterday. He contracted the mess at 5:40 PM last Monday.

My contention os these attacks are getting more “life-like” is based on the manner in which he identified the moment of problems: He has a major customer and he ships mountains of product to them via UPS. On Monday afternoon (consider what else was going on in the Post-Christmas days and UPS), he received and email indicating an updated delivery status for his UPS shipment. His comment was it appeared to look very much like others he had received via the major customer, so he clicked on it. He said it didn’t have fancy graphics, but it certainly was a detailed looking email, not a one liner with a link.

It also reminds me of the 1-3 emails I get a day into one of my other blogging emails that obviously some scraper picked up off that site. They tend to be advertisements, but they are mixed in with emails that are my accounts at (fill in the banking institution) suspended, blocked, etc. Some of them actually are all dressed up with HTML graphics layouts, too. I stay away, but then I deal with this daily. For others, like my client, when one comes that makes sense to their work flow/life/personal business/social networking, there is a likelihood they will allow the malware in, and their firewalls may not stop it.

For the user: You have to be wary of things that look kinda true , but something still tells you it’s not kosher and look closer before clicking.

Be careful out there and practice safe computing!

For you techs, looking how to get rid of this:

Anyhow, it really embedded itself within his system, flagged as a Win32 password stealer by Microsoft Security Essentials. The good news, in early Tuesday, I convinced him to take the rest of the year off and reward himself for a great year, and I’d be over Thursday morning (since the malware would allow a network connection for a few moments, then cut it off, so a remote session was out of the question.

I used MalwareBytes, Microsoft Security Essentials, Kaspersky TDSS Root Killer and old school digging through the entire registry, after seeing the names in the user appdata roaming and local files under nonsense random lettering named .exe files and folders.

I called this one a “repeater,” as MSE would identify it, clean it, then it would fire itself back up about 30 seconds later. I would see 8 different start up program listings named BitNefender 2016, turn them off, and they would be back, activated in the next reboot. Interestingly enough, searching for that name in the registry never found anything, even after several tries.

It was the searching for the keys and values in the registry and manually deleting them) that, in combination of the MSE and MalWareBytes scans that finally got things working normally, including restoring a constant network connection.

“Flame” – a new virus, but it’s not after your credit card information

Quite often I’m asked why do people write viruses and malware. The bottom line: because it makes them money.

Today, there’s another reason. The recent news indicates a virus by the name of “Flame” is running amok in the Middle East, specifically Iran. From the New York Times – “Researchers Find Clues in Malware:’

Security experts have only begun examining the thousands of lines of code that make up Flame, an extensive, data-mining computer virus that has been designed to steal information from computers across the Middle East, but already digital clues point to its creators and capabilities.
[…]

There you have it. Governments are now in the business of writing PC based malware for the specific purpose to conduct espionage. Which government? We can all speculate, but most likely one’s threatened by the prospect of a nuclear arsenal being built by an unfriendly neighboring nation.

There have been two other reported viruses used to work inside the computers of other nations, but one, Stuxnet, wasn’t designed to go after computer users, but the systems used to run machinery, in that case centrifuges. Duqu, the other known one, was like Flame, to collect information and email it out, but not nearly as sophisticated as Flame.

And this quote is a keeper for the NYT article linked above:

“This is the third such virus we’ve seen in the past three years,” Vikram Thakur, a Symantec researcher, said in an interview Tuesday. “It’s larger than all of them. The question we should be asking now is: How many more such campaigns are going on that we don’t know about?”

Isn’t it Ironic? Mac OS X Virus arrives

A sesimic shift in the PC word has just happened: A Mac OS X virus is here, coming in the form of a Java script off of social media.

The irony? as I was removing a virus off a “real” PC this morning, my client indicated they might buy a Mac, so they wouldn’t viruses. I began with a little business analogy: One day, it will happen. When? When the Macs in the market reach some magical %, the “bad guys” will then take the time to study the Mac OS in detail, to try and exploit it. I also went on to discuss how a business decision, when done right, always looks for the most impact, for the least expenditure of resources. And, as of that moment, it must haven’t arrived (little did I know)…yet. I potulated, that when it did, it would be like a very big tidal wave, particulalry accentuated by the fact that it’s “well known” Macs are invulnerable from attack. Yeah, right.

So any how, for you MacoPhiles…gird your loins, the attainment of 20% of the PC market by Macs announced by Steve Jobs a few days ago, has had an impact on your bulletproofness. Be on your toes, and hope the good guys have anti-virus software ready for you, really, really soon.

Here’s the warning from the articles at ARSTechnica:

A new trojan horse has cropped up that affects Mac OS X (and Windows as well), primarily disguised as a video flitting around social networking sites. When users click an infected link, a Java applet is launched that downloads multiple files, including an installer that runs automatically without users’ knowledge.

While between other appointments this after noon, I saw the article (linked above) and I knew the time has come.

Note, too, you Windows based PC users, you’re a casualty of this new attack, too.

Be on the look out for any video on the social media sites….all of you computer users.

I’ll bring this history, too, because there have been Mac based viruses before. In early 1988, I contracted the “Scores” virus on my Mac II from a download off of GEnie.

That was bad news. The good news is the PC market exploded on cheap Intel based PCs and the bad guys went after them. That has left the Mac world as the untouchables for all these years…until now.

LimeWire is Dead…

Thankfully. I know a lot of people liked it, as they could avoid, not only paying retail for music and movies, but not pay anything at all….until some of them had to call me, because their computers were so zapped by malware/spyware/scareware/ransomware from embedded “payloads.”

In one case it wasn’t pretty at all, with me spending three evening trying to save their family photos.

The “bad guys” figured out how to insert viruses and Trojans in the “free” files, on that peer-to-peer sharing network. Not all of them, but it certainly was a crap shoot when you tried to pick a torrent to pull down for your entertainment.

Anyhow, the full report from TechCrunch is here.

Random Bits From the Digital Trenches

Technology is creeping ahead…quickly. iPads are making it off the shelves in massive numbers, and…yes, there is a security issue. Interesting, isn’t it: The more connected we become, the more we are “exposing” our information. And, as the old saying goes, you can make mistakes with computers so much faster and many more times!

The “bad guys” are hard at work. About 6 months ago, people called me with “scareware” viruses and I could eradicate them in under an hour. Since then, a new wave has appeared, and they not only have a propensity to fake where they are installed, they also now find the more common anti-spyware database files on your systems and remove the identification data, so you can scan your system and they are not recognized. Net result: The “infection” hangs on longer and takes more effort to find and eradicate them. Are you practicing “safe computing?” If you don’t have anti-virus and anti-spyware and a firewall besides the one that comes with Windows, shame on you! By having those installed, you have a much better chance of not having to call me in to get you back to work, and writing me a check.

Smartphones. Geez….the iPhone 4 is very, very cool. That, along with the many others hitting the market, both in the Android and Windows based ones, cell phone band width will become an issue. We consumers will be amazed that “unlimited” plans really aren’t. In defense of the carriers, it takes money and technical expertise and time to keep the “backbones” upgraded for us to use. Think of it as road construction, and it’s going to be a massive rush hour. Just as we see our digitally connected worlds expanding exponentially, there will be the just one more customer that sends your connection speed down the tubes. It’s a problem of aggregation, not that one users.

Next issue: Apple really upped the ante with the “retina” display technology. Think you have a nice screen now? Think again. We have been living on display surfaces, both in the cathode ray tube and now the LCD/LED era, at resolutions of no greater than 75 dots per inch (dpi), at best…usually 72 dpi.

drool over this: 326 dpi! Math: 326/75 = 4.3X improvement in picture clarity. It used to be, I “thinned” out pictures for web use to 100 dpi, because above that, you couldn’t tell the difference, and it also less data to transfer, so the pictures on a web page loaded much faster. Now 400 dpi wil have to be the default standard for high quality on the net. That also means more data flying about, clogging the pipes. In actuality, it will be a while before we really have to worry about this, as only the really big corporations, and “bleeding edge” early adopters will have such displays, but maybe 5-8 years down the road, this resolution will become an accepted common standard. My prediction, not connected to anything I’ve read…yet.

WordPress is no longer just blogging software. It’s now a true “Content Management System” (CMS). I’ll be revamping the site one day, to take advantage of this functionality, but It will be a planned, staged retooling, as I see potential for dropping all the blog posts into thin air, if the right steps aren’t taken. I have a “sandbox” out there in the net, just so I can see what steps to take, in what order. Part of my self-educating process, so I can do it for clients.

Windows 7 is still doing well. I like it more and more. I still haven’t migrated my trusty workhorse, the laptop, but that is another staged, well planned event, so as not to come up saying “Hey! Where did ________________ file go?” Sort of like the locker room scene in “Top Gun,” where the “best of the best” discussed their first day of practice air combat maneuvers (ACM). That part of the locker room scene isn’t on YouTube…

There are a few notes from my world, to give you some insight into yours!